nostril

A C cli tool for creating nostr events
git clone git://jb55.com/nostril
Log | Files | Refs | Submodules | README | LICENSE

aes.h (2790B)

      1 #ifndef _AES_H_
      2 #define _AES_H_
      3 
      4 #include <stdint.h>
      5 #include <stddef.h>
      6 
      7 // #define the macros below to 1/0 to enable/disable the mode of operation.
      8 //
      9 // CBC enables AES encryption in CBC-mode of operation.
     10 // CTR enables encryption in counter-mode.
     11 // ECB enables the basic ECB 16-byte block algorithm. All can be enabled simultaneously.
     12 
     13 // The #ifndef-guard allows it to be configured before #include'ing or at compile time.
     14 #ifndef CBC
     15   #define CBC 1
     16 #endif
     17 
     18 #ifndef ECB
     19   #define ECB 0
     20 #endif
     21 
     22 #ifndef CTR
     23   #define CTR 0
     24 #endif
     25 
     26 
     27 //#define AES128 1
     28 //#define AES192 1
     29 #define AES256 1
     30 
     31 #define AES_BLOCKLEN 16 // Block length in bytes - AES is 128b block only
     32 
     33 #if defined(AES256) && (AES256 == 1)
     34     #define AES_KEYLEN 32
     35     #define AES_keyExpSize 240
     36 #elif defined(AES192) && (AES192 == 1)
     37     #define AES_KEYLEN 24
     38     #define AES_keyExpSize 208
     39 #else
     40     #define AES_KEYLEN 16   // Key length in bytes
     41     #define AES_keyExpSize 176
     42 #endif
     43 
     44 struct AES_ctx
     45 {
     46   uint8_t RoundKey[AES_keyExpSize];
     47 #if (defined(CBC) && (CBC == 1)) || (defined(CTR) && (CTR == 1))
     48   uint8_t Iv[AES_BLOCKLEN];
     49 #endif
     50 };
     51 
     52 void AES_init_ctx(struct AES_ctx* ctx, const uint8_t* key);
     53 #if (defined(CBC) && (CBC == 1)) || (defined(CTR) && (CTR == 1))
     54 void AES_init_ctx_iv(struct AES_ctx* ctx, const uint8_t* key, const uint8_t* iv);
     55 void AES_ctx_set_iv(struct AES_ctx* ctx, const uint8_t* iv);
     56 #endif
     57 
     58 #if defined(ECB) && (ECB == 1)
     59 // buffer size is exactly AES_BLOCKLEN bytes; 
     60 // you need only AES_init_ctx as IV is not used in ECB 
     61 // NB: ECB is considered insecure for most uses
     62 void AES_ECB_encrypt(const struct AES_ctx* ctx, uint8_t* buf);
     63 void AES_ECB_decrypt(const struct AES_ctx* ctx, uint8_t* buf);
     64 
     65 #endif // #if defined(ECB) && (ECB == !)
     66 
     67 
     68 #if defined(CBC) && (CBC == 1)
     69 // buffer size MUST be mutile of AES_BLOCKLEN;
     70 // Suggest https://en.wikipedia.org/wiki/Padding_(cryptography)#PKCS7 for padding scheme
     71 // NOTES: you need to set IV in ctx via AES_init_ctx_iv() or AES_ctx_set_iv()
     72 //        no IV should ever be reused with the same key 
     73 void AES_CBC_encrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, size_t length);
     74 void AES_CBC_decrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, size_t length);
     75 
     76 #endif // #if defined(CBC) && (CBC == 1)
     77 
     78 
     79 #if defined(CTR) && (CTR == 1)
     80 
     81 // Same function for encrypting as for decrypting. 
     82 // IV is incremented for every block, and used after encryption as XOR-compliment for output
     83 // Suggesting https://en.wikipedia.org/wiki/Padding_(cryptography)#PKCS7 for padding scheme
     84 // NOTES: you need to set IV in ctx with AES_init_ctx_iv() or AES_ctx_set_iv()
     85 //        no IV should ever be reused with the same key 
     86 void AES_CTR_xcrypt_buffer(struct AES_ctx* ctx, uint8_t* buf, size_t length);
     87 
     88 #endif // #if defined(CTR) && (CTR == 1)
     89 
     90 
     91 #endif // _AES_H_